Having your email address exposed on LinkedIn can be concerning. You likely signed up for LinkedIn to network professionally, not to be bombarded with unsolicited emails. So how are people getting your email address without your permission?
How Email Addresses Are Shared on LinkedIn
There are a few ways your email address may be visible to others on LinkedIn:
- Your profile settings – If you have your email set to be visible in your LinkedIn profile settings, anyone who views your profile can see it.
- Publishing articles – If you publish any long-form articles on LinkedIn, your email address may be displayed with the article, depending on your settings.
- Joining groups – When you join a LinkedIn group as a member, your email address may be visible to other members of that group.
- Messaging – If you message someone directly on LinkedIn who is not in your network, your email address will be revealed to them.
So if you want to keep your email more private, check your settings and be cautious about joining groups or messaging outside your network. LinkedIn does offer some privacy options to control what’s visible to the public.
How People Get Email Addresses Without Permission
Even if you are careful about your LinkedIn privacy settings, there are still ways people can harvest email addresses without your consent:
- Web scraping tools – Bots and web scraping software can harvest publicly listed email addresses from LinkedIn profiles en masse.
- Browser extensions – Some browser extensions can detect and extract email addresses from LinkedIn pages.
- Public profile scraping – Services exist that scrape data from public LinkedIn profiles, including email addresses, and compile the data.
- Public groups – People can harvest emails of those who post content publicly in LinkedIn groups.
- Contacts and connections – Your email address can be retrieved from the contacts and connections of others in your network.
So even if your own profile is locked down, your email address can still be obtained from public LinkedIn pages and profiles and shared with third parties.
What Can You Do If Someone Gets Your Email?
If you find your email address has been retrieved without authorization, here are some steps you can take:
- Adjust LinkedIn privacy settings – Double check that your email is not publicly visible on your profile or with articles you have published.
- Leave public groups – Remove yourself from LinkedIn groups, especially large public ones, to limit email exposure.
- Send removal requests – Contact the website/platform that displayed your email without permission and request removal.
- Use email filters – Filter and delete emails from unwanted senders.
- Mark as spam – Mark unwanted emails as spam to train email providers’ filters.
- Unsubscribe – Unsubscribe from unwanted email lists.
- Change email address – As a last resort, change your email address and update it for your important accounts.
It’s wise to do regular audits of your LinkedIn profile and settings to confirm your email address is not unintentionally public. You can also contact LinkedIn support if you believe your privacy has been violated.
How Can LinkedIn Better Protect Email Addresses?
Here are some ways LinkedIn could enhance protection of email addresses:
- Restrict email visibility – Email addresses should never be fully public. LinkedIn could make email visibility restricted only to direct connections by default.
- Limit public sharing – Prevent email addresses from being visible when sharing articles publicly or when joining large groups.
- Remove email APIs – Remove any public APIs that provide access to members’ email addresses.
- Crack down on scraping – Be more aggressive about detecting and prohibiting bots and scrapers.
- Increased privacy options – Give users more granular control over who can see email addresses.
- Email obfuscation – When sharing content publicly, replace contact emails with a [email protected] alias.
In summary, LinkedIn should make email addresses completely private by default and give users control over how emails are shared. Public and uncontrolled exposure of business emails is a violation of privacy.
What Legal Protections Exist for Email Addresses?
Here are some laws that protect email privacy:
- CAN-SPAM Act – Outlaws sending commercial emails without consent, harvesting emails, and sharing emails without permission.
- GDPR – Gives EU citizens control over personal data including emails, restricts automated data collection.
- California Online Privacy Protection Act (CalOPPA) – Requires websites to have a privacy policy that explains email collection and use.
- California Consumer Privacy Act (CCPA) – Gives California residents the right to know what data like emails is collected and opt-out of sale/sharing.
- State laws – Laws against computer hacking/unauthorized computer access when obtaining emails.
So there are some legal avenues depending on how your email was obtained. Violations of CAN-SPAM, CCPA, and computer hacking laws may be possible to pursue.
Conclusion
It’s alarming how easily email addresses can be taken from LinkedIn and abused. LinkedIn has some work to do in improving privacy defaults, settings, and protections. In the meantime, individuals should be proactive about locking down profile settings and reporting any email misuse. There are also laws that may apply depending on how your email was obtained without authorization. With vigilance and asserting your rights, you can help reduce the unwanted sharing of your personal contact information.